Hi Samit,
Do you have the output of show pfe statistics traffic from this
router?
What was the type of DoS attack traffic? Was it directed to any of
the interfaces on the router? Did you have any filter applied to
loopback interface to drop such traffic? If yes, did any of the
filters
I do have filter in placed to protect the RE. But the attack is not
targeted or directed to any interfaces of my router. My customer network
as under DoS attacked , tcpdump snapshot attached below x is source
and y is target.
04:16:18.225986 IP x.x.x.x.12372 y.y.y.y.18990: UDP,
length 36
On Sun, Feb 15, 2009 at 5:49 AM, Samit janasa...@wlink.com.np wrote:
I do have filter in placed to protect the RE. But the attack is not
targeted or directed to any interfaces of my router. My customer network
as under DoS attacked , tcpdump snapshot attached below x is source
and y is
I don't see any drops in the sofware or hardware queues towards RE. So
it does not look like it was this router that was affected by DOS
attack and caused BGP flap. As Stefan mentioned, check the logs for
the BGP notification reason and to find out if we sent or received the
Notification.
After doing further investigation, I found that in-fact my Cisco-vxr
Npe-g2 and g1 in the path (between M7i and customer router) suffered
the Dos and due to cpu saturation the bgp flapped. Earlier I did not
noticed because the cpu utilization graph of Cisco showed only 50% in
npe-g2 and 80% in
Hi,
Today early in the morning around 4am we had a udp based DoS from the
Internet destinate to one of my customer network for about over 1.5hr.
The pps rate was from 165k to 245k peak and at the rate of around 90Mbps
as per the mrtg graphs. I don't have any Qos running, but I noticed
later that
6 matches
Mail list logo
